Flaw found in anti-virus software


Flaw found in anti-virus software

Antony Savvas
Products from three popular anti-virus software companies have been found to contain a programming flaw that allows a hacker to crash a user's desktop PC.

Products from Network Associates, Trend Micro and Kaspersky Lab are affected, according to an advisory from German security company AERAsec.

Anti-virus software provides a built-in decompression engine to scan for viruses in compressed files. AERAsec has reported that the decompression engines from the three affected suppliers do not appear to cope with very large bzip2 compressed files.

This can lead to the hard disk filling up and high CPU usage, which results in the PC slowing down as the decompression engine processes the large file.

Kaspersky, whose AntiVirus for Linux was affected, said it had already issued a patch and was now "busy developing a new anti-mail bomb technology that can protect users against such attacks generically".

Trend Micro has published a fix on its website to address the threat to its InterScan Viruswall products for Linux, Solaris, AIX, HP-UX and Sendmail systems.

Network Associates, whose McAfee Virus Scan for Linux v4.16.0 could be affected, said its engineers were addressing the problem.

Dr Peter Bieringer, a partner at AERAsec said, "We are testing other products and we expect to find further problems."

Last week Symantec was forced to correct a problem with its LiveUpdate automatic patch system and also its Norton Anti-Virus software that prevented users from using other applications like Word and Excel.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

COMMENTS powered by Disqus  //  Commenting policy